qemu_security: Require full wrappers for APIs that might touch a file

In the future, the transactions are not going to be optional and
they will be run regardless of domain using namespace to collect
list of paths to be relabeled.

To make sure there won't be an API that goes behind transaction
code back update the comment that serves as decision manual
whether an API must be fully implemented or plain #define is
sufficient.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>

diff --git a/src/qemu/qemu_security.h b/src/qemu/qemu_security.h
index c57774debabd195642fa3f9aa704f0c9aa082ebd..ba12eb3caf2f6b78ee5009d9c4055969c7417226 100644 (file)
--- a/src/qemu/qemu_security.h
+++ b/src/qemu/qemu_security.h
@@ -109,7 +109,7 @@ int qemuSecurityRestoreSavedStateLabel(virQEMUDriverPtr driver,
                                        const char *savefile);
 
 /* Please note that for these APIs there is no wrapper yet. Do NOT blindly add
- * new APIs here. If an API can touch a /dev file add a proper wrapper instead.
+ * new APIs here. If an API can touch a file add a proper wrapper instead.
  */
 # define qemuSecurityCheckAllLabel virSecurityManagerCheckAllLabel
 # define qemuSecurityClearSocketLabel virSecurityManagerClearSocketLabel